| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Needed for compiling clang-21
(From OE-Core rev: c0839647ebd4aca135e965d0bd66c5f6e409b44f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Needed for the clang 21 upgrade
(From OE-Core rev: 79c1594bb0a8075a0d7b5c281f996e54c5351630)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently CVE_PRODUCT is set to llvm:llvm from common.inc.
There is historical entry for openmp in the DB.
This entry is ignored, but it shows that there can also be future ones.
(From OE-Core rev: ba94d5f1756647ce9d4ddd664bdf6fc975f952cd)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The don't show up in CVE metrics anymore since they were either fixed
upstream or recipe version was upgraded meanwhile.
* bind CVE-2019-6470: cpe got corrected in nvd db
* libxml2 CVE-2023-45322: version is now higher than NVD cpe
* zlib CVE-2023-45853: version is now higher than NVD cpe
* gcc CVE-2021-37322: version is now higher than NVD cpe
* python3
* CVE-2007-4559: version is now higher than NVD cpe
* CVE-2019-18348: version is now higher than NVD cpe
* CVE-2020-15523: version is now higher than NVD cpe
* CVE-2022-26488: version is now higher than NVD cpe
* CVE-2015-20107: version is now higher than NVD cpe
* CVE-2023-36632: version is now higher than NVD cpe
* rust
* CVE-2024-24576: NVD has no cpe, but we have newer version as fix
* CVE-2024-43402: version is now higher than NVD cpe
* cups CVE-2021-25317: version is now higher than NVD cpe
* ghostscript CVE-2023-38559: version is now higher than NVD cpe
* libtirpc CVE-2021-46828: version is now higher than NVD cpe
* unzip CVE-2008-0888: version is now higher than NVD cpe
* ffmpeg CVE-2023-39018: cpe got corrected in nvd db
* libxslt CVE-2022-29824: version is now higher than NVD cpe
* libyaml
* CVE-2024-35325: CVE is now rejected in NVD DB
* CVE-2024-35326: CVE is now rejected in NVD DB
* CVE-2024-35328: CVE is now rejected in NVD DB
Also add comment for iputils regarding reports for FKIE/NVD2.
Also remove some trailing spaces in python recipe.
(From OE-Core rev: 73ee9789183aa95072af2b51ac9e08203f4e33f9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=========
- Add support for the iri and iri-reference formats to the format-nongpl
(From OE-Core rev: 875e622eaa318eecd8214c2481d431e6a88e8419)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Drop support for Python 3.8
- Officially support Python 3.13
- Avoid a deprecation warning emitted by a dependency when using the tag-pattern option
(From OE-Core rev: bbc00f129553e3c9ccaca0a62afdbc22eb573590)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Add /chosen bootsource property
- Add /chosen KHO (for Linux kernel kexec) properties
- Extend wakeup-source property to define modes
- Add system level idle states
- Add '-db' property unit suffix
(From OE-Core rev: 77bc2f5c1dad9ed4d8a269c9cb3dc8f1c63a1d86)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Some method calls with 0 or 1 argument failed to use ``PyObject_VectorCallMethod()``.
- Walrus assignments of literal Python integers could generate invalid C code.
(Github issue :issue:`6989`)
- ``cython.pythread_type_lock`` (also used as fallback for ``cython.pymutex``)
could stall on heavily contended locks.
(Github issue :issue:`6999`)
- C string arrays (not pointers) always coerced to the Python default string type,
even on explicit casts to other string types.
(Github issue :issue:`7020`)
- Unterminated ``\N{}`` character escapes in strings could unrail the parser.
(Github issue :issue:`7056`)
- An internal C function was not marked as ``static`` and leaked a linker symbol.
(Github issue :issue:`6957`)
- Some Unicode letters were not recognised as lexically valid name parts.
(Github issue :issue:`7059`)
- Compatibility with PyPy3.8 was lost by accident.
- The Linux binary wheels of 3.1.2 used SSSE3 CPU instructions which are not available on some CPUs.
(Github issue :issue:`7038`)
(From OE-Core rev: 14c2006bce8861eaf2b65d5c71097e67d1af19cf)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
==========
- Fix reconciliation of default, flag_value and type parameters for
flag options, as well as parsing and normalization of environment variables.
- Fix typing issue in BadParameter and MissingParameter exceptions for the
parameter param_hint that did not allow for a sequence of string where the
underlying functino _join_param_hints allows for it.
- Use the value of Enum choices to render their default value in help
screen.
- Fix completion for the Z shell (zsh) for completion items containing
colons.
- Don't include envvar in error hint when not configured.
- Fix a rare race in click.testing.StreamMixer's finalization that manifested
as a ValueError on close in a multi-threaded test session.
(From OE-Core rev: 8a5a2fabac46df8ce22c6d645af6b278283c9c00)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Changelog:
- Do not reallocate the final silo blob when compiling to reduce peak RSS by about ~6%
(From OE-Core rev: 2f0d4d08a79a84c35d8867d06c9e8c58d8a25baa)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://github.com/xkbcommon/libxkbcommon/blob/master/NEWS.md#libxkbcommon-1110--2025-08-08
(From OE-Core rev: d9c858b5d0b981b0d37ee1e75e22132c6b1b3a64)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
- The minimum supported Rust version (MSRV) is 1.85.1.
- #1178: Improved performance when using an application-supplied
stylesheet for an SVG handle - do cascading only once in that case
instead of twice.
- #1164: Don't panic if there are no fonts installed - this happens
easily in Alpine containers (Lovell Fuller).
- Update to gtk-rs-core 0.21 (Maximiliano Sandoval).
- Vastly improved infrastructure to generate the development guide and
the rsvg-convert manual page (Toluwaleke Ogundipe).
- Start implementing the SVG2 text stack (Adetoye Anointing, from his
Outreachy internship).
- Fixed the Windows CI (Chun-wei Fan).
- Lots of internal cleanups to make it easier to remove Cairo in the future.
(From OE-Core rev: 1b3a9e18e55d4853c2ce34f131e109c21a5fa943)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
===========
- High-resolution scroll wheels have better heuristics to avoid inadvertent
scrolls. This should also help with not-so-high-resolution scroll wheels which
can skip those heuristics now, resulting in better responsiveness.
- Virtual devices (e.g. uinput) are now detected in libinput and some internal
heuristics are disabled for those (e.g. tablet smoothing)
- Tablet tools with an fixed eraser button (almost all these days) can now
configure that eraser button to be a regular button instead.
- Jumping cursors on Asus "ASUE..." touchpads have lost their excitement and
are no longer jumping.
- libinput now uses a plugin pipeline internally. This prepares the way for
public plugins, planned for libinput 1.30.
- mtdev is now an optional dependency
- libinput debug-tablet-pad is a new tool for interactive tablet pad debugging
- a lot of internal code modernization, making the code nicer to work on and
test cases easier to write
Release notes:
https://gitlab.freedesktop.org/libinput/libinput/-/releases/1.29.0
(From OE-Core rev: 604373553a0ed8727182a456f993593ece3f6f5e)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
=============
- Speed up handling fonts with very large number of variations:
- Drawing by up to 40%.
- Calculating glyph extents by up to 15%.
- Getting horizontal glyph advances by up to 45%.
- Speed up getting horizontal and vertical glyph advances by up to 24%.
- Significantly speed up vertical text shaping.
- Various documentation improvements.
- Various build improvements.
- Various subsetting improvements.
- Various improvements to Rust font functions (fontations integration) and shaper (HarfRust integration).
- Rename harfruzz option and shaper to harfrust following upstream rename.
- Implement hb_face_reference_blob() for DirectWrite font functions.
- New API:
+hb_font_get_glyph_origins_func_t
+hb_font_get_glyph_h_origins_func_t
+hb_font_get_glyph_v_origins_func_t
+hb_font_funcs_set_glyph_h_origins_func()
+hb_font_funcs_set_glyph_v_origins_func()
+hb_font_get_glyph_h_origins()
+hb_font_get_glyph_v_origins()
- Fix crasher in the glyph_v_origin function introduced in 11.3.0
- Fix build with non-compliant C++11 compilers that don't recognize the "and" keyword
- Fix bug in vertical shaping of fonts without the vmtx table
- General shaping and subsetting speedups.
- Fix in Graphite shaping backend when glyph advances became negative.
- Subsetting improvements, pruning empty mark-attachment lookups.
- Don't use the macro name _S, which is reserved by system liberaries.
- Build fixes and speedup.
- Add a kbts shaping backend that calls into the kb_text_shape
single-header shaping library.
(From OE-Core rev: 791fd2b2a639af751a8b9a9bce142463a08347aa)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE update is currently not working properly on autobuilder.
This improves logging for problem analysis.
Future time is something which could be reason for current autobuilder
problems since the DB was not updated for more than 3 months by now.
(From OE-Core rev: 0098a05116624d019f8c5107940e910d867f3afc)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
If there is no primary metric use the Secondary one.
(From OE-Core rev: 5ad0516aba120d9eba5f10afa3a4de3d25fd31fc)
Signed-off-by: Jonathan Schnitzler <jonathan.schnitzler@faro.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Use "attackVector" for CVSS >= 3 as it only CVSS v2 uses "accessVector".
(From OE-Core rev: 7e4d566445a8cbe1e540e20837d45692d81af77f)
Signed-off-by: Jonathan Schnitzler <jonathan.schnitzler@faro.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the code was changed to update the DB in temporary file, code
cleaning the final file in downloads is never executed.
Remove it.
Since the code always removes both files in temporary directory, remove
also comment which is trying to differentiate this code from code just
removed.
(From OE-Core rev: bece6dbf5d0e89b2e846587e1b89766e16dd9253)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If the job runs every day at the same time, it usually updates only
every second day, because it takes non-0 time for DB update and set the
timestamp. So it does not take full 24-hours from time when the DB was
updated until the next job starts.
(From OE-Core rev: 4a82ae1315b034b6386a82127e1ec8d6f504ec89)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OE-Core rev: b64a869b9c5e1d504f1011da16b5c5ff721afbf0
This commit was not applied on nvd1/fkie fetcher.
(From OE-Core rev: dd5efc4a242ec918dd276d10da8c68f606ba8809)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OE-Core rev: 337c0806d2784d74bee8d6420fb8b4d48795d5fa
This commit was not applied on nvd1/fkie fetcher.
(From OE-Core rev: 749c8e266ded2fa81e0e0ebbfa8f1ba164a062f2)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
OE-Core rev: 03596904392d257572a905a182b92c780d636744
This seems to be misimplemented when re-adding update from nvd1 feed.
Use file in temporary directory instead of downloads directory for
update process.
(From OE-Core rev: e5b0a74810fdd3f72fe61e0ae1f859a444dc1fa5)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The patches linked in NVD reports are present in binutils-2_45-branch.
Technically the NVD is wrong (=2.45 should be <2.45), but fixing it in
the recipe is not problematic as all cpe-stable-backport will be
automatically removed in next upgrade so will not be "kept forever".
CVE-2025-7545
* https://nvd.nist.gov/vuln/detail/CVE-2025-7545
* https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944
CVE-2025-7546
* https://nvd.nist.gov/vuln/detail/CVE-2025-7546
* https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b
(From OE-Core rev: 0fb876e247faea84dfa8fd302b80cb7afdc575d9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If --overhead-factor and --extra-space are passed with =FOO the
check fails. Fix this by checking parsed.overhead_factor and
parsed.extra_space instead.
(From OE-Core rev: 46c24b67d4e9d28e7216a7394090d807cf879fa7)
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
As shown in [1] when expanding tags including it.
NVD tracks this CVE as version-less.
[1] https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434
(From OE-Core rev: d8a9c190811ad9658a74502a371c110f4d24d68f)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Commit mentioned in [1] is included in 77-1.
This comit was also backported to Yocto all stable/LTS releases.
[1] https://security-tracker.debian.org/tracker/CVE-2025-5222
(From OE-Core rev: 69c2956d6af3ffdedc77649ea833dc04ab62b8d3)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is mentioned in [1].
NVD tracks this as version-less CVE.
[1] https://gitlab.com/gnutls/gnutls/-/blob/3.8.10/NEWS?ref_type=tags#L8
(From OE-Core rev: 8367ddb87a51abaa8949614faabc146f40f518a1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As of now, update of CVE DB from FKIE source (which is the defailt)
fails with following error:
File: '<build>/poky/meta/recipes-core/meta/cve-update-db-native.bb', lineno: 393, function: update_db_fkie
0389: [cveId, cveDesc, cvssv2, cvssv3, cvssv4, date, accessVector, vectorString]).close()
0390:
0391: for config in elt['configurations']:
0392: # This is suboptimal as it doesn't handle AND/OR and negate, but is better than nothing
*** 0393: for node in config["nodes"]:
0394: parse_node_and_insert(conn, node, cveId, False)
0395:
0396:def update_db(d, conn, jsondata):
0397: if (d.getVar("NVD_DB_VERSION") == "FKIE"):
Exception: KeyError: 'nodes'
Entry for new CVE-2025-32915 is broken.
(From OE-Core rev: 152be29f6a732b2ba1c95bcf465455d2a5a3f33a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes segfaults in ptests on musl
Failed ptests:
{'libseccomp': ['11-basic-basic_errors%%001-00001_11-basic-basic_errors_rc=139']}
(From OE-Core rev: 4f26edb6fd7e3dc5f81c56faed3a0edd9264bf66)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Take a partial patch to disable portion of test_makedev, its also applied
in alpine. NODEV does not exist on musl
Add test_null_dlsym to ignore list on musl, it needs GNU ifunc support
and musl does not implement GNU ifuncs
fixes
Failed ptests:
{'python3': ['test_null_dlsym', 'test_makedev', 'python3']}
(From OE-Core rev: c197de49d6b406be5fc79b6e17c397c834efc1b0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/7be20ccaab97455f192de0ac561ceda7cd9e12d1, https://gitlab.com/libtiff/libtiff/-/commit/2ebfffb0e8836bfb1cd7d85c059cd285c59761a4, https://gitlab.com/libtiff/libtiff/-/commit/3994cf3b3bc6b54c32f240ca5a412cffa11633fa, https://gitlab.com/libtiff/libtiff/-/commit/ce46f002eca4148497363f80fab33f9396bcbeda, https://gitlab.com/libtiff/libtiff/-/commit/ecc4ddbf1f0fed7957d1e20361e37f01907898e0, https://gitlab.com/libtiff/libtiff/-/commit/75d8eca6f106c01aadf76b8500a7d062b12f2d82, https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22]
CVE's Fixed:
CVE-2024-13978 libtiff: LibTIFF Null Pointer Dereference
CVE-2025-8176 libtiff: LibTIFF Use-After-Free Vulnerability
CVE-2025-8177 libtiff: LibTIFF Buffer Overflow
(From OE-Core rev: 16d8a873c57b174e4d6581b58d890f2157aa2f2c)
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
What's new in at-spi2-core 2.56.4:
* Fix key grabs when num lock or caps lock are on under Wayland.
atk-bridge: Don't crash when requesting a plug if not activated
* Add sanity checks for child indices received via DBus.
https://gitlab.gnome.org/GNOME/at-spi2-core/-/blob/2.56.4/NEWS?ref_type=tags
Comparing changes:
https://github.com/GNOME/at-spi2-core/compare/2.56.3...2.56.4
(From OE-Core rev: 59c9aa2411514f448cec23c0ceefeada2a103d85)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove "libev" configuration option, no longer in use since 1.4.80
Upstream changes
1.4.81:
- security: fix to reject disallowed trailers
1.4.80:
- detect and issue error trace for HTTP/2 MadeYouReset VU#767506 CVE-2025-8671
- stricter HTTP request/response header, trailer, and chunked validation/parsing
- support HTTP response trailers
- support HTTP request trailers merge to headers (if not streaming request body)
- bug fixes
(From OE-Core rev: 6054ad0b7a3cf8a6853bdedfdbf973742af58fea)
Signed-off-by: Michael Opdenacker <michael.opdenacker@rootcommit.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "has-elf-tls" option was removed by the commit
8e1614a906086fb46c5dd7b7f2dffab91194165c. However is should have been
renamed to "has-thread-local", since it was renamed and not removed in
rust by this commit.
https://github.com/rust-lang/rust/commit/391332c5d9d5a5e97a0d36e011a87ad43045cfd3
Change-Id: Ia1fdf7698ebeef62a88052713645d5b499164353
(From OE-Core rev: 18a87dd1724e0934a669aefae36d20374c06c493)
Signed-off-by: Per x Johansson <perxjoh@axis.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
when running oe-selftest for gcc some of the output pattern matchng test cases
were getting failed due to below issue.
Output line 1 was:
Warning: Permanently added '192.168.7
Should match (from /poky/poky/build-st/tmp/work-shared/gcc-15.1.0-r0/sources/
gcc-15.1.0/gcc/testsuite/gcc.dg/dg-output-file-1-lp64.txt):
This is a test output for lp64 target
Failed test for output line 1 This is a test output for lp64 target
(From OE-Core rev: 08200d7ac9d96996dbc1f913bcc0c8bee13592f8)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The test pr61599-1.c fails because it requires more than 3GB of RAM.
This change increases the allocated RAM to 4GB to prevent test failures.
(From OE-Core rev: 745eedb1afcb4f8e28ca560ae41d3297bb63cdd4)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When gcc build with PIE enabled the following tests
were getting failed:
FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+40
FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+32
FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+24
FAIL: gcc.target/i386/pr90579.c scan-assembler vaddsd\tr\\+16
Detailed bug info & upstream fix is here:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118885
Upstream Status: Backport [https://gcc.gnu.org/cgit/gcc/commit/?id=679e24f5a751663998ff7202149a749e0f7251f9]
(From OE-Core rev: 7641e08044203ac9dde9a53b91bd01f9432d11f2)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On musl, there is no real legacy (non-UTF-8) fr_FR locale.
These tests are designed for libcs that ship both fr_FR (ISO-8859-1)
and fr_FR.UTF-8. So the right thing will be to SKIP these tests
Unsetting LOCALE_FR will ensure that it does not enable ISO-8859-1
path, so reset it in run-ptest but thats not enough because it is
being set in the test's own init-env file as well so clear it in that
file as well.
Fixes
Failed ptests:
{'gettext': ['intl-2', 'intl-4', 'intl-thread-3', 'lang-sh', 'lang-bash']}
(From OE-Core rev: 0fe96efea084f4594df43f57e121cb2353bfafa7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Use posix thread on musl and cache
* Force using system posix complaint printf
* Add coreutils to ptest dependencies
(From OE-Core rev: 16b1fff0dc3f95d2f52106b0133133d175725d52)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
This is passing ok with gcc/libgcc on YP AB
(From OE-Core rev: c1bb95055810b272237d5a143f7e01a270e74868)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* it's deprecated since python-3.12 and removed in 3.14 causing:
openembedded-core/meta/lib/oe/license.py', lineno: 176, function: visit
0172:
0173: LicenseVisitor.__init__(self)
0174:
0175: def visit(self, node):
*** 0176: if isinstance(node, ast.Str):
0177: lic = node.s
0178:
0179: if license_ok(self._canonical_license(self._d, lic),
0180: self._dont_want_licenses) == True:
Exception: AttributeError: module 'ast' has no attribute 'Str'
(From OE-Core rev: 1eb2137324202107baa5cadcfdd682629a9cc269)
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade to release 1.45:
- Add missing newlines on error messages
- timezone: Replace Localtime file copy with symbolic link
- Fix CVE-2025-32366 vulnerability
- Fix CVE-2025-32743 vulnerability
- vpn: Fix extracting of PrefixLength D-Bus value
- vpn: Fix mem leak of gid_list in task setup
- dchpv6: Set err to 0 when client creation succeeds
(From OE-Core rev: c5fd636aa6f310e868ea29a72913ea96edcf57c5)
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158.
Changes between 9.1.1198 -> 9.1.1652
====================================
https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652
Refresh patches.
Add tag to SRC_URI.
Disable newly introduced wayland support (in patch version 1485).
To this belongs also adding recursion in delete command for dir auto
which was newly failing as there is wayland directory inside now.
If someone is interested, this can be probably enabled, but without
additional work it results in compilation error due to function
redefinition conflicts.
(From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure consistent locale setting, since we are not
using make environemnt to run the tests like
upstream does. The test scripts are run explicitly
This fixes a problem with musl ptest runs where the
locale-driven quoting ends up using C.UTF-8 quotes
in gnulib’s quotearg() end up with curly quotes
instead of ASCII quote character which is expected
and result is reported as failure even though numbers
are matching.
Fixes:
-find: invalid group name or GID argument to -group: '4294967296'
+find: invalid group name or GID argument to -group: ‘4294967296’
FAIL: tests/find/user-group-max.sh
(From OE-Core rev: 0e60d1169ee0ae0e6651951e9a917a0e24bee157)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The issue seems to be have been fixed for long time since 4.5.3 onwards
(From OE-Core rev: 6637e59d6bc03f8eb7cf75bc506307e249809ada)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's no point building or installing static plugins, so apply a patch
to only build shared plugins.
Poky passes --disable-static via no-static-libs.inc, but anyone building
babeltrace2 with nodistro or another distro that doesn't use
no-static-libs.inc will fail to build babeltrace2 because of packaging
errors around the static version of the python plugin.
(From OE-Core rev: cf5ef8a2b6f509c348b9cf800a8534a4e8702103)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This recipe for nghttp2 doesn't build any of the binaries, just the core
library, but is structured like a recipe that is primarily an application
that happens to ship libraries.
Remove the lib${BPN} package and put the library into PN (which will then
be debian-renamed).
Use the shorthand option to just build the library.
Add documentation enabling/disabling options so we don't install the
docs if not needed. Currently there are no extra dependencies as the
sphinx-generated manpages are pre-built in the tarballs, but this could
change.
(From OE-Core rev: 0fe1fb05cf6b36d70d43b3bd245a53ac36d389fa)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The script file psplash.sh tries to mount the PSPLASH_FIFO_DIR variable.
If the variable is empty, the mountpoint command returns a usage text
(busybox mountpoint here, util-linux mountpoint behaves the same):
BusyBox v1.37.0 () multi-call binary.
Usage: mountpoint [-q] { [-dn] DIR | -x DEVICE } :~# BusyBox v1.37.0
() multi-call binary
The return code with this console output is 0 and the mount command in the
if statement is executed.
Then this mount also fails with an empty mountpoint argument.
The source code of psplash respects an empty PSPLASH_FIFO_DIR variable
(see psplash.c) and makes a fallback to "/run". So the psplash.sh script should
also respect the empty var.
Try to mount the PSPLASH_FIFO_DIR only if the variable is not empty.
(From OE-Core rev: 85a5e562c5969c407a222966ccb3170cb41fed2f)
Signed-off-by: Falk Bauer <falkbauer.git@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Allow packaging of wheels for riscv64 architecture
(From OE-Core rev: 56a32c0b0294d55e75ea54046fb1508f9ff17e4b)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Do not rely on how python detects the platform triplet
We have been lucky to get it cross-compiling since our build hosts
are also using glibc, so the headers and gcc install locations match
and the values it detects are mostly what we will need for glibc
based targets, but when we use musl e.g. the problems show up where
python3 is not able to automitically discover python modules so any
python package having compiled .so modules fail to load.
Example is ptest failures with TCLIBC = "musl"
and running core-image-ptest-python3-rpds-py
This is revamp of patch [1], currently its working for glibc
based cross-compiling because we build on linux systems which are also
glibc based, but python on musl shows the problem.
When python was upgraded to 3.12 [2], this patch was wrongly dropped
and sadly regression went unnoticed, without this patch
Python's automatic module discovery does not work when it is cross-compiled
this is because it tries host tools and compiler installation during configure
to detect it. .so modules e.g. modulename.cpython-*.so are not seen as a result.
This is seen when running python3-rpds-py ptests where it should load
rpds.cpython-313-x86_64-linux-musl.so rpds.so but it does not and the module test
fail.
root@qemux86-64:/usr/lib/python3-rpds-py/ptest# python3 -c "
import sysconfig
import importlib.machinery
print('Extension suffixes:', importlib.machinery.EXTENSION_SUFFIXES)
print('Soabi:', sysconfig.get_config_var('SOABI'))
print('Ext suffix:', sysconfig.get_config_var('EXT_SUFFIX'))
print('Module suffix:', sysconfig.get_config_var('SO'))
"
Extension suffixes: ['.cpython-313.so', '.abi3.so', '.so']
Soabi: cpython-313
Ext suffix: .cpython-313.so
Module suffix: None
And after fix it is.
root@qemux86-64:~# python3 -c "
import sysconfig
import importlib.machinery
print('Extension suffixes:', importlib.machinery.EXTENSION_SUFFIXES)
print('Soabi:', sysconfig.get_config_var('SOABI'))
print('Ext suffix:', sysconfig.get_config_var('EXT_SUFFIX'))
print('Module suffix:', sysconfig.get_config_var('SO'))
"
Extension suffixes: ['.cpython-313-x86_64-linux-musl.so', '.abi3.so', '.so']
Soabi: cpython-313-x86_64-linux-musl
Ext suffix: .cpython-313-x86_64-linux-musl.so
Module suffix: None
[1] https://git.openembedded.org/openembedded-core/commit/?id=407744b00d702e3133304e1b43064a5634ca02cf
[2] https://git.openembedded.org/openembedded-core/commit/?id=716d82352545d3667a658b69d65d6127678dd150
(From OE-Core rev: 7bb157e48f5e5272db7506c7eb3118209dc3b35f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
